1,619 totalEPSS avg 51.6%

KEVKnown Exploited Vulnerabilities

CISA’s actively-exploited catalogue · refreshed weekly · authored by Adam Lundqvist

Showing 1,619 of 1,619 · page 17 of 33

CVEVendor / ProductTitleKEV addedEPSS
CVE-2018-13374Fortinet / FortiOS and FortiADCFortinet FortiOS and FortiADC Improper Access Control Vulnerability2022-09-08
38.1%
CVE-2018-2628Oracle / WebLogic ServerOracle WebLogic Server Unspecified Vulnerability2022-09-08
99.4%
CVE-2018-6530D-Link / Multiple RoutersD-Link Multiple Routers OS Command Injection Vulnerability2022-09-08
96.6%
CVE-2018-7445MikroTik / RouterOSMikroTik RouterOS Stack-Based Buffer Overflow Vulnerability2022-09-08
61.0%
CVE-2020-9934Apple / iOS, iPadOS, and macOSApple iOS, iPadOS, and macOS Input Validation Vulnerability2022-09-08
3.2%
CVE-2022-26258D-Link / DIR-820LD-Link DIR-820L Remote Code Execution Vulnerability2022-09-08
81.2%
CVE-2022-27593QNAP / Photo StationQNAP Photo Station Externally Controlled Reference Vulnerability2022-09-08
87.9%
CVE-2022-3075Google / Chromium MojoGoogle Chromium Mojo Insufficient Data Validation Vulnerability2022-09-08
5.7%
CVE-2020-28949PEAR / Archive_TarPEAR Archive_Tar Deserialization of Untrusted Data Vulnerability2022-08-25
84.6%
CVE-2020-36193PEAR / Archive_TarPEAR Archive_Tar Improper Link Resolution Vulnerability2022-08-25
70.6%
CVE-2021-31010Apple / iOS, macOS, watchOSApple iOS, macOS, watchOS Sandbox Bypass Vulnerability2022-08-25
3.7%
CVE-2021-38406Delta Electronics / DOPSoft 2Delta Electronics DOPSoft 2 Improper Input Validation Vulnerability2022-08-25
77.9%
CVE-2021-39226Grafana Labs / GrafanaGrafana Authentication Bypass Vulnerability2022-08-25
100.0%
CVE-2022-2294WebRTC / WebRTCWebRTC Heap Buffer Overflow Vulnerability2022-08-25
70.5%
CVE-2022-22963VMware Tanzu / Spring CloudVMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability2022-08-25
99.9%
CVE-2022-24112Apache / APISIXApache APISIX Authentication Bypass Vulnerability2022-08-25
96.2%
CVE-2022-24706Apache / CouchDBApache CouchDB Insecure Default Initialization of Resource Vulnerability2022-08-25
92.3%
CVE-2022-26352dotCMS / dotCMSdotCMS Unrestricted Upload of File Vulnerability2022-08-25
91.5%
CVE-2022-0028Palo Alto Networks / PAN-OSPalo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerabi…2022-08-22
2.0%
CVE-2017-15944Palo Alto Networks / PAN-OSPalo Alto Networks PAN-OS Remote Code Execution Vulnerability2022-08-18
98.3%
CVE-2022-21971Microsoft / WindowsMicrosoft Windows Runtime Remote Code Execution Vulnerability2022-08-18
53.7%
CVE-2022-22536SAP / Multiple ProductsSAP Multiple Products HTTP Request Smuggling Vulnerability2022-08-18
97.9%
CVE-2022-26923Microsoft / Active DirectoryMicrosoft Active Directory Domain Services Privilege Escalation Vulnerability2022-08-18
83.3%
CVE-2022-2856Google / Chromium IntentsGoogle Chromium Intents Insufficient Input Validation Vulnerability2022-08-18
4.5%
CVE-2022-32893Apple / iOS and macOSApple iOS and macOS Out-of-Bounds Write Vulnerability2022-08-18
9.8%
CVE-2022-32894Apple / iOS and macOSApple iOS and macOS Out-of-Bounds Write Vulnerability2022-08-18
3.3%
CVE-2022-27925Synacor / Zimbra Collaboration Suite (ZCS)Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability2022-08-11
98.2%
CVE-2022-37042Synacor / Zimbra Collaboration Suite (ZCS)Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability2022-08-11
88.3%
CVE-2022-30333RARLAB / UnRARRARLAB UnRAR Directory Traversal Vulnerability2022-08-09
99.0%
CVE-2022-34713Microsoft / WindowsMicrosoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulner…2022-08-09
68.0%
CVE-2022-27924Synacor / Zimbra Collaboration Suite (ZCS)Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability2022-08-04
84.6%
CVE-2022-26138Atlassian / ConfluenceAtlassian Questions For Confluence App Hard-coded Credentials Vulnerability2022-07-29
98.2%
CVE-2022-22047Microsoft / WindowsMicrosoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalatio…2022-07-12
18.9%
CVE-2022-26925Microsoft / WindowsMicrosoft Windows LSA Spoofing Vulnerability2022-07-01
9.8%
CVE-2018-4344Apple / Multiple ProductsApple Multiple Products Memory Corruption Vulnerability2022-06-27
2.9%
CVE-2019-8605Apple / Multiple ProductsApple Multiple Products Use-After-Free Vulnerability2022-06-27
17.5%
CVE-2020-3837Apple / Multiple ProductsApple Multiple Products Memory Corruption Vulnerability2022-06-27
16.1%
CVE-2020-9907Apple / Multiple ProductsApple Multiple Products Memory Corruption Vulnerability2022-06-27
3.7%
CVE-2021-30533Google / Chromium PopupBlockerGoogle Chromium PopupBlocker Security Bypass Vulnerability2022-06-27
16.6%
CVE-2021-30983Apple / iOS and iPadOSApple iOS and iPadOS Buffer Overflow Vulnerability2022-06-27
2.9%
CVE-2021-4034Red Hat / PolkitRed Hat Polkit Out-of-Bounds Read and Write Vulnerability2022-06-27
94.9%
CVE-2022-29499Mitel / MiVoice ConnectMitel MiVoice Connect Data Validation Vulnerability2022-06-27
56.7%
CVE-2022-30190Microsoft / WindowsMicrosoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulner…2022-06-14
99.4%
CVE-2016-2386SAP / NetWeaverSAP NetWeaver SQL Injection Vulnerability2022-06-09
71.1%
CVE-2016-2388SAP / NetWeaverSAP NetWeaver Information Disclosure Vulnerability2022-06-09
51.6%
CVE-2021-38163SAP / NetWeaverSAP NetWeaver Unrestricted File Upload Vulnerability2022-06-09
37.1%
CVE-2006-2492Microsoft / WordMicrosoft Word Malformed Object Pointer Vulnerability2022-06-08
48.4%
CVE-2007-5659Adobe / Acrobat and ReaderAdobe Acrobat and Reader Buffer Overflow Vulnerability2022-06-08
94.2%
CVE-2008-0655Adobe / Acrobat and ReaderAdobe Acrobat and Reader Unspecified Vulnerability2022-06-08
36.8%
CVE-2009-0557Microsoft / OfficeMicrosoft Office Object Record Corruption Vulnerability2022-06-08
58.6%
Sourced from CISA Known Exploited Vulnerabilities — current weekly refresh. EPSS scores from FIRST.org via epss.cyentia.com. Curated by Adam Lundqvist, Founder at SQUR.